package com.xhorse.lockplatform.comm.interceptor;

import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 页面访问控制拦截器
 * Spring mvc配置
 * 2017-11-9
 *
 * @author Tom
 */
public class SecurityInterceptor extends HandlerInterceptorAdapter {

    @Override
    public boolean preHandle(HttpServletRequest request,
                             HttpServletResponse response, Object handler) throws Exception {
        String uri = request.getRequestURI();
        String contextPath = request.getContextPath();
        if (uri.startsWith(contextPath)) {
            uri = uri.substring(contextPath.length());
        }
        if (uri.startsWith("/manage") || uri.startsWith("static") || uri.startsWith("/public") || uri.startsWith
                ("/stat") || uri.startsWith("/login") || uri.startsWith("/h5") || uri.startsWith("/resource")) {
            //static resource or login page or callback interface, not authorize
            return true;
        } else {
            boolean isLogin = false;//LoginContext.checkLogin(request.getSession());
            /*if (!isLogin) {
                response.sendRedirect(contextPath + "/login");
            } else {
                if (LoginContext.isAdmin()) {
                    return isLogin;
                } else {
                    if (SysPermissionsEnum.checkPermissions(uri) || uri.startsWith("/index")) {
                        return isLogin;
                    }
                    response.sendRedirect(contextPath + "/login");
                    return false;
                }
            }*/
            return isLogin;
        }
    }

    @Override
    public void afterCompletion(HttpServletRequest request,
                                HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
        //LoginContext.clear();
    }
}
